---
- name: install needed packages
  package: name={{ item }} state=present
  with_items:
  - python-psycopg2
  - httpd
  - mod_wsgi
  - python2-mock
  - modern-paste
  - stickynotes2modernpaste
  - python2-flask-oidc
  tags:
  - packages
  - modernpaste

- name: modernpaste config
  template: src=config.py dest=/etc/modern-paste/config.py owner=apache group=apache mode=600
  tags:
  - config
  - modernpaste
  notify: reload httpd

- name: stickynotes2modernpaste config
  template: src=config.ini dest=/etc/stickynotes2modernpaste/config.ini owner=root group=root mode=644
  tags:
  - config
  - modernpaste
  notify: reload httpd

- name: modernpaste flask config
  template: src=flask_config.py dest=/etc/modern-paste/flask_config.py owner=apache group=apache mode=600
  tags:
  - config
  - modernpaste
  notify: reload httpd

- name: modernpaste oidc secrets
  template: src=client_secrets.json dest=/etc/modern-paste/client_secrets.json owner=apache group=apache mode=600
  when: env == 'staging'
  tags:
  - config
  - modernpaste
  notify: reload httpd

- name: modernpaste apache config
  template: src=modern-paste.conf dest=/etc/httpd/conf.d/modern-paste.conf owner=root group=root mode=644
  tags:
  - config
  - modernpaste
  notify: reload httpd

- name: Apply modernpaste hotfixes for forcing 1 week expiry (1)
  copy: src=post.html dest=/usr/share/modern-paste/app/templates/paste/post.html owner=root group=root mode=644
  when: env != 'staging'
  tags:
  - hotfix
  - modernpaste
  notify: reload httpd

- name: Apply modernpaste hotfixes for forcing 1 week expiry (2)
  copy: src=paste.py dest=/usr/share/modern-paste/app/api/paste.py owner=root group=root mode=644
  when: env != 'staging'
  tags:
  - hotfix
  - modernpaste
  notify: reload httpd

- name: Add fedora pastebin logo here for now due to packaging bug on relrod's part
  copy: src=fedorapastebin-logo.png dest=/usr/share/modern-paste/app/static/img/fedorapastebin-logo.png owner=root group=root mode=644
  tags:
  - modernpaste

- name: Script for manual paste deactivation
  copy: src=deactivate-paste.py dest=/usr/local/bin/deactivate-paste.py owner=root group=root mode=755
  tags:
  - modernpaste

- name: Script for paste information
  copy: src=paste-info.py dest=/usr/local/bin/paste-info.py owner=root group=root mode=755
  tags:
  - modernpaste

- name: set sebooleans so paste can talk to the db and sn2mp can talk to paste
  seboolean: name={{item}} state=true persistent=true
  with_items:
  - httpd_can_network_connect_db
  - httpd_can_network_connect
  tags:
  - config
  - selinux
  - modernpaste

- name: startup apache
  service: name=httpd enabled=yes state=started
  tags:
  - modernpaste
